Fantom ransomware pretends to be Windows update

by Derek Kortepeter

One of the most popular ways that black hats infect computers is by making malware look legitimate. For the untrained eye, this could mean a professional looking bank email, a free software download, or even an operating system update. The latter strategy is what is being employed to convince users to download Fantom, a new strain of ransomware. Uncovered by AVG security researcher Jakub Kroustek, Fantom disguises itself as a “critical update” file that shows a fake Microsoft copyright. According to the AVG report, the ransomware targets “Intel 386 or later processors and compatible processors,” and functions under the file names: